1. Technical Field
The present invention relates generally to memory protection and privileged software execution in a data processing system. Specifically, the present invention is directed to a method of providing a privileged mode without the necessity of detecting protection faults.
2. Description of the Related Art
Many, if not most, modern operating systems and the hardware platforms that support them provide some form of facility for “memory protection.” Each application is allocated memory by the operating system and must access only those addresses in memory allocated to it. If a process attempts to access memory that is outside of the memory regions allocated to it, the illegal access attempt is detected by the operating system as an error (often called a “protection fault” or “segmentation fault”) and the offending process is terminated before disaster occurs. Memory protection can prevent many system crashes or other destructive behavior caused by software errors or malicious code (“malware”). Another important reason for restricting access to certain memory locations is to prevent proprietary or security-sensitive data or code from being examined by user-level processes, so as to prevent the creation of malware or the reverse engineering or unauthorized copying of proprietary information.
Memory protection is often utilized in conjunction with virtual memory. Virtual memory allows programs to execute in a “virtual address space,” which can exceed the actual physical memory of the machine. Virtual memory works by swapping pages of memory to/from secondary storage (such as a disk) so that only those pages currently being used are actually contained in memory. In virtual memory, a “page fault” occurs when an address being accessed in the virtual memory space does not currently exist in the physical memory and the page containing that address must be swapped into physical memory before the memory access is completed.
Although memory protection and virtual memory schemes are very useful, particularly for running today's very complex software, the protection schemes themselves increase the complexity of the computing hardware and the operating systems it supports. This is largely due to the fact that each memory access made by an application must be intercepted before being carried out, so that protection faults and page faults may be detected. In some applications, this added complexity is highly undesirable. For example, a processor intended for high-end multimedia or real-time computationally intensive applications may have multiple specialized processor cores (such as specialized vector processing cores) on a single chip for intensive number-crunching. In such instances, the added hardware and software complexity involved in implementing conventional memory protection for each core's local memory could severely impact the attainable degree of parallelism as well as the performance of each individual processor core.
What is needed, therefore, is a method of protecting sensitive data and code from unauthorized reads and writes and of executing larger-than-available-memory applications without relying on the additional complexity of protection- and page-fault-detection mechanisms. The present invention provides a solution to this and other problems, and offers other advantages over previous solutions.